Maybe then we'll get proper application whitelisting / sandboxing by default in a desktop OS. And, hell, why do applications get the run of every file I use under my account? Should they not have to request such things first? Even on Unix-likes, if you get on as my user, you can trash all my data - why?

The answer is functionality. Let's consider the example of Android, an OS with a fairly recent security model, built on top of Linux which provides for chroot. Why not put apps into their own chroot jail by default? Seems like a good idea, right? How do you explain to Grandma why she can't upload photos from her camera's image gallery to Facebook? Oh, you'll solve that problem by putting the photos in a public directory? Okay, that eliminates the functionality concern, but now you're right back where you started with exposure to ransomware....

Not necessarily. This can be solved by having a standard privileged file open/save dialog that grants the access automatically to apps based on user input. Of course that limits the UI designs in some ways.. I wrote some ideas 11 years ago how something like this could be done. Partially obsolete nowadays though but still could be doable (except for the web browser parts - web security seems to be a lost cause already). Perhaps once these kind of worse malwares start happening people would finally implement a more secure desktop. There's no reason why I shouldn't be able to easily run whatever program I want without it breaking my computer.

Sorry for advertising my own product, but pretty much on topic here.:) Buy two (cheap) servers from completely different networks / data center providers, and keep them replicated with http://wiki2.dovecot.org/Replication. You can set up MX records to both of them, and use DNS to switch between the replicas for IMAP/POP3 as needed. Either one of the data centers can die and your mail won't stop working. Or keep one of the replicas in local network and your mail keeps working even if your internet connection dies.

(Then you'll only need to hope that there are no software bugs bringing down everything.)

Dunno how it works in Germany, but I think the people should be able to decide for themselves what kind of education they want, whenever they want (+- a few years). And maybe more importantly: If you decide wrong at some point, you should be able to switch if you're good enough. I think the way it works in Finland is good enough. I dropped out of high school (wanted to code all nights), finished it 7 years later when I had more motivation, had no problem getting into university trying out something new interesting I re-learned at high school (biotech!), then deciding it wasn't really worth the trouble and switching back to computer science and getting a BSc out of it. The high school and college stories I hear from the US are pretty depressing usually.

Until some laptop has MagSafe or similar I won't even consider it. I remember too well when I used to trip over the power cords and drag my laptop on the floor. Or break the power plug because it got twisted when moving the laptop in a bad direction. Or stepping on the power plug and breaking it. (Yeah, I don't treat my laptops all that well.)

Any time you join an existing project you have to learn how to use its libraries, this is no different. Yeah, maybe you'll save a few hours of learning time if some of it is standardized by the base language. If that becomes a real issue with someone you probably shouldn't have hired him/her anyway.

It's also very hard to write type safe code properly in C. Just look at the classic example of the unsafe qsort versus the safer and faster std::sort.

You can do all kinds of nifty stuff with macros and gcc/clang extensions to provide type safety to C. Yeah, if you don't already have a library for that it can be a bit difficult to write one (or find one you like). But once you have the library it's very easy to write (mostly) type safe code with C. For example I have a type safe array_sort() in C.

But every implementation I've seen of a QR code reader in Android and IOS also gives you the option to inspect the content visually before acting on it. They ask if you want to proceed.

Of course one could argue the click-thru generation does not know enough to evaluate the content, but then these are the same people that no amount of malware/antivirus software can protect.

Is the confirmation something like OK/Cancel? I also tend to click OK buttons without hardly even reading them. That's why potentially security sensitive questions shouldn't have such simple buttons, but rather two (radio?) buttons that require you to read (and hopefully understand) what you're doing, such as: "Replace network settings from QR" and "Keep the existing network settings".

Yes, there are some advantages to using SQL database, like I said.. But I highly doubt "huge speed advantage" is one of them, unless you compare to a really badly set up system. I know people have switched from DBMail to Dovecot simply because Dovecot is so much faster..

Email isn't stored in SQL, because typically it's rather pointless. Full text search indexing doesn't require SQL, and it's more efficient without SQL anyway. There are some good use cases for storing emails in SQL database, but efficiency isn't one of them.